Delta chat to protonmail user

Expected behavior

OpenPGP messaging between protonmail users and Delta Chat users.

Actual behavior

Protonmail is accepting PGP public key from Delta Chat and future mail are encrypted, but Delta Chat is not able to accept the OpenPGP key provided by protonmail to decrypt the message.

Example Images

I can confirm this behavior.

Hi and a warm welcome :slight_smile:

IMHO the problem is Autocrypt.

Ok, not really Autocrypt :wink: The problem is, DC uses Autocrypt to
transfer the public key to the receiver. But Protonmail dosn’t support
Autocrypt AFAIK.
Probably the key from the Protonmail will not sent to DC. So DC will not
know the public key of the Protonmailaddress.

I’m not absolutely sure. But I think so.

Thanks webratte! :slightly_smiling_face:

yeah, it would be nice if Protonmail (and Tutanota) would start supporting Autocrypt soon!
I hope there is some way to solve this until then…

Hi
My testing:

  • send DC email to protonmail = OK
  • protonmail is understanding the DC public key and is able to trust it = OK
  • protonmail reply to DC before trusting the DC public key = OK but not encrypted
  • protonmail reply to DC before trusting the DC public key + attachement of protonmail public key (asc file) = KO DC is not understanding the ASC file.
  • protonmail reply to DC after trusting the key = KO reply is encrypted and DC can’t read it.

Understanding standard OpenPGP email would be wonderful.

Haven’t checked lately but i think Protonmail accepts incoming Autocrypt keys but it does not produce outgoing Autocrypt keys so Delta Chat can’t encrypt to it. Hopefully that changes some day but it’s on their side, mostly.

I confirm this behavior.

It would be great to tap on the attached key, to get a pop up “would you like to use this key to communicate with foo@protonmail.com”, click yes/no and to use the key subsequently

Just stumbled upon the same situation after switching my email to protonmail. It’s a bit a disappointing, but I guess we cannot have everything at all yet :slight_smile:

What I do not understand: could this be even solved by Delta Chat alone? (as far as I understand yes, if it would implement full OpenPGP support… but I do not really understand what I am talking about, I just want to able to explain the situation. )

Any links I should read would be appreciated.


For those interested, here is what gathered so far:

In FAQ - Delta Chat i read:

Autocrypt uses a limited subset of OpenPGP functionality.

In OpenPGP Considerations, Part III: Autocrypt and Encryption by Default · OpenKeychain

In K-9 Mail version 5.400, OpenPGP encryption was changed to adhere to the Autocrypt specification.

In “Update on Autocrypt support” on Protonmail reddit by a protonmail staff member (am not allowed more than 2 links, sorry:

Our feeling is that the [autocrypt] protocol has significant security weaknesses and therefore we don’t feel it’s ready for implementation.

Thanks for your input. Do Protonmail refer to any source regarding their feeling?

no: https://www.reddit.com/r/ProtonMail/comments/c1p5am/update_on_autocrypt_support/

I’ll check their blog when I have the time and then maybe ask them directly.